Stay Informed

This week, read about:

  • PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.
  • Meet Package Hunter: A Tool For Detecting Malicious Code in Your Dependencies.
  • DARPA Makes Hardware Bug Bounty Platform Open Source.


Key Security, Maintenance, and Features Releases


Non-Security Updates

Apache Cassandra 4.0 and 3.11.11
* Avoid signaling DigestResolver until the minimum number of responses are guaranteed to be visible (CASSANDRA-16807)
* Fix pre-4.0 FWD_FRM parameter serializer (CASSANDRA-16808)
* Fix fwd to/from headers in DC write forwarding (CASSANDRA-16797)
* Fix CassandraVersion::compareTo (CASSANDRA-16794)
* Make cqlsh use the same set of reserved keywords as the server uses (CASSANDRA-15663)
* Optimize bytes skipping when reading SSTable files (CASSANDRA-14415)
* Enable tombstone compactions when unchecked_tombstone_compaction is set in TWCS (CASSANDRA-14496)
* Read only the required SSTables for single partition queries (CASSANDRA-16737)

Hibernate ORM 5.5.5
HHH-14740 Still need the nullcheck removed in HHH-14727
HHH-14724 Metamodel generates invalid model classes for converters and user types

Jenkins 2.304
Fix an issue unzipping archives in a corner case when entries have the same path prefix as the target location. (issue 66094)
Avoid polluting the log when usage statistics cannot be sent. (issue 66139)
Bump matrix-auth from 2.6.7 to 2.6.8. (pull 5630)
Remove support for native JNR (Java Native Runtime) chmod(2) and stat(2) implementations as opposed to NIO (Java non-blocking I/O) via the hudson.Util.useNativeChmodAndMode system property. This system property no longer has any effect. (pull 5606)

MySQL 8.0.26
macOS: It is now possible to build MySQL for macOS 11 on ARM (that is, for Apple M1 systems). (Bug #32386050, Bug #102259)
Building on openSUSE 15 and SLES 15 now requires GCC 9, found in packages gcc-9 and gcc9-c++.
Building on SLES 12 now requires GCC 10, found in packages gcc-10 and gcc10-c++.
It is also recommended to use the named GCC version when building third-party applications that are based on the libmysqlclient C API library. (Bug #32886268, Bug #32886439)

Wildfly 24.0.1
[WFLY-14880] - Upgrade bouncycastle to 1.69 (new transitive dependency)
[WFLY-15013] - Upgrade netty from 4.1.65 to 4.1.66
[WFLY-15034] - Upgrade WildFly Core to 16.0.1.Final
[WFLY-15063] - Upgrade wildfly-datasources-galleon-pack dependency to 2.0.3.Final

ISC Bind 9.16.19
The code managing RFC 5011 trust anchors created an invalid placeholder keydata record upon a refresh failure, which prevented the database of managed keys from subsequently being read back. This has been fixed. [GL #2686]
Signed, insecure delegation responses prepared by named either lacked the necessary NSEC records or contained duplicate NSEC records when both wildcard expansion and CNAME chaining were required to prepare the response. This has been fixed. [GL #2759]
If nsupdate sends an SOA request and receives a REFUSED response, it now fails over to the next available server. [GL #2758]
A bug that caused the NSEC3 salt to be changed on every restart for zones using KASP has been fixed. [GL #2725]

JBPM 7.57.0.Final
[JBPM-9675] - Query UserTasks OR-like
[JBPM-9716] - Wrong bootstrap servers property in the Kafka Emitter
[JBPM-9794] - Locking issue with aborted parent process instance
[JBPM-9797] - Fix dispose engine for cancel dependent subprocess node

PHP 7.4.22 and 8.0.9
Fixed bug #81145 (copy() and stream_copy_to_stream() fail for +4GB files).
Fixed bug #81163 (incorrect handling of indirect vars in __sleep).
Fixed bug #81159 (Object to int warning when using an object as a string offset).
Fixed bug #80728 (PHP built-in web server resets timeout when it can kill the process).
Fixed bug #73630 (Built-in Webserver - overwrite $_SERVER['request_uri']).

Spring Framework 5.3.9
Configure CommonsMultipartResolver to support specific HTTP methods #27161
Allow BeanDefinitionBuilder to set an instance supplier with a ResolvableType #27160
Reason of @ResponseStatus on handler method is not resolved by MessageSource #27156
ResourceHandlerRegistry#getHandlerMapping should initialize handler once in outer loop #27153

Squid Web Cache 5.1
Fix SslBump reconfiguration leaking public key memory (#861)
Fix ACL-related reconfiguration memory leak (#859)
Bug 4696: Fix leaky String move assignment operator (#858)
Fix build on RISC-V (#856)

